Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/RPRhg3r6W6mxYlnrbcaQtd1HG_0.roa
File:                     RPRhg3r6W6mxYlnrbcaQtd1HG_0.roa (raw, json)
Hash identifier:          PCcBuD+XOHkqZR066vUdJDQtIPBcImXxwsr23XMlVyk=
Subject key identifier:   44:F4:61:83:7A:FA:5B:A9:B1:62:59:EB:6D:C6:90:B5:DD:47:1B:FD
Certificate issuer:       /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial:       018D30B21027FBD287A89EC791494A6167F9
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/RPRhg3r6W6mxYlnrbcaQtd1HG_0.roa
Signing time:             Mon 22 Jan 2024 10:23:12 +0000
ROA not before:           Mon 22 Jan 2024 10:23:12 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     834
IP address blocks:        163.5.30.0/24 maxlen: 24
                          163.5.36.0/24 maxlen: 24
                          163.5.79.0/24 maxlen: 24
                          163.5.83.0/24 maxlen: 24
                          163.5.89.0/24 maxlen: 24
                          163.5.95.0/24 maxlen: 24
                          163.5.110.0/24 maxlen: 24
                          163.5.111.0/24 maxlen: 24
                          163.5.112.0/24 maxlen: 24
                          163.5.113.0/24 maxlen: 24
                          163.5.121.0/24 maxlen: 24
                          163.5.126.0/24 maxlen: 24
                          163.5.128.0/24 maxlen: 24
                          163.5.134.0/24 maxlen: 24
                          163.5.139.0/24 maxlen: 24
                          163.5.143.0/24 maxlen: 24
                          163.5.146.0/24 maxlen: 24
                          163.5.148.0/24 maxlen: 24
                          163.5.150.0/24 maxlen: 24
                          163.5.151.0/24 maxlen: 24
                          163.5.160.0/24 maxlen: 24
                          163.5.167.0/24 maxlen: 24
                          163.5.178.0/24 maxlen: 24
                          163.5.182.0/24 maxlen: 24
                          163.5.188.0/24 maxlen: 24
                          163.5.189.0/24 maxlen: 24
                          163.5.191.0/24 maxlen: 24
                          163.5.201.0/24 maxlen: 24
                          163.5.203.0/24 maxlen: 24
                          163.5.204.0/24 maxlen: 24
                          163.5.205.0/24 maxlen: 24
                          163.5.218.0/24 maxlen: 24
                          163.5.224.0/24 maxlen: 24
                          163.5.228.0/24 maxlen: 24
                          163.5.232.0/24 maxlen: 24
                          163.5.241.0/24 maxlen: 24
                          163.5.250.0/24 maxlen: 24
                          163.5.253.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 22 Jan 2024 15:14:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:30:b2:10:27:fb:d2:87:a8:9e:c7:91:49:4a:61:67:f9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
        Validity
            Not Before: Jan 22 10:23:12 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=44f461837afa5ba9b16259eb6dc690b5dd471bfd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:2d:36:b6:9a:f4:a9:50:f0:94:88:1d:20:d1:
                    34:fc:2c:f3:92:50:74:e5:17:ce:31:6a:f6:71:11:
                    15:d2:16:5e:dd:3e:de:30:e1:51:23:6c:9e:83:39:
                    f6:34:53:72:ed:eb:e3:10:69:ff:1c:f5:0c:fe:b1:
                    97:63:b3:22:5e:2f:30:5e:b1:00:b3:80:6c:2a:b4:
                    f0:66:88:2b:5c:e8:9e:55:0d:63:d4:14:4a:7d:31:
                    f7:3b:de:e0:00:e3:c4:09:0c:b6:55:a9:aa:1d:0c:
                    6e:96:0c:e0:8f:d6:5f:41:8b:14:bf:c3:4e:54:85:
                    d0:55:81:55:e6:ec:b5:af:df:8f:37:e2:5c:2a:4f:
                    eb:dc:42:73:27:45:5e:d7:ca:ec:55:2d:f8:aa:d5:
                    8c:1b:5e:85:46:76:43:ed:1b:07:4d:aa:12:6f:51:
                    b3:d3:ce:07:34:60:7a:bc:51:25:91:a4:13:fa:6d:
                    af:ae:78:c9:ee:0c:d1:71:ac:00:f7:c0:7b:80:d0:
                    05:73:8b:b4:c5:7e:cf:6e:66:af:02:76:b8:dd:9e:
                    33:76:09:7a:34:4c:f7:66:90:a5:71:ca:cd:57:ea:
                    ee:48:2a:32:58:6b:87:c2:60:78:5c:13:22:73:65:
                    59:b2:87:ee:4b:4a:89:39:75:d6:33:ee:0e:d2:e0:
                    34:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:F4:61:83:7A:FA:5B:A9:B1:62:59:EB:6D:C6:90:B5:DD:47:1B:FD
            X509v3 Authority Key Identifier:
                keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/RPRhg3r6W6mxYlnrbcaQtd1HG_0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.5.30.0/24
                  163.5.36.0/24
                  163.5.79.0/24
                  163.5.83.0/24
                  163.5.89.0/24
                  163.5.95.0/24
                  163.5.110.0-163.5.113.255
                  163.5.121.0/24
                  163.5.126.0/24
                  163.5.128.0/24
                  163.5.134.0/24
                  163.5.139.0/24
                  163.5.143.0/24
                  163.5.146.0/24
                  163.5.148.0/24
                  163.5.150.0/23
                  163.5.160.0/24
                  163.5.167.0/24
                  163.5.178.0/24
                  163.5.182.0/24
                  163.5.188.0/23
                  163.5.191.0/24
                  163.5.201.0/24
                  163.5.203.0-163.5.205.255
                  163.5.218.0/24
                  163.5.224.0/24
                  163.5.228.0/24
                  163.5.232.0/24
                  163.5.241.0/24
                  163.5.250.0/24
                  163.5.253.0/24

    Signature Algorithm: sha256WithRSAEncryption
         20:36:68:21:4e:ca:2e:54:4b:85:04:74:cb:52:fa:b1:23:94:
         43:15:db:0f:08:7b:eb:97:b8:90:f7:c5:df:9d:2f:02:c4:01:
         15:fe:30:df:45:fb:d6:f7:ec:e9:68:4d:54:1d:8a:bb:93:bc:
         f2:e9:71:f0:81:bc:cb:53:c3:9e:86:59:fb:a8:13:2c:2a:90:
         bf:55:e2:00:18:0e:50:1c:3a:9b:bc:9a:70:9b:a4:79:00:7f:
         56:97:d0:d2:43:16:13:11:38:52:c3:74:c4:cb:ae:e9:60:26:
         a1:55:a0:2d:f9:03:e5:9e:73:c3:71:5e:81:1f:63:fd:07:63:
         29:cd:22:e4:14:e9:c8:83:1a:18:16:cd:8b:0a:6a:cf:0d:0f:
         9a:5c:7f:e2:e8:e4:55:a0:a1:dc:13:70:0c:fd:9b:78:c1:06:
         45:7b:05:68:ec:58:a8:4f:f0:5b:76:09:08:1c:fe:29:7e:fa:
         d2:72:3d:00:2e:ba:bd:87:6f:24:18:4d:4f:e5:35:3c:0b:2b:
         4a:51:59:5c:5f:c9:0b:fe:5c:58:18:5f:ad:54:6e:f4:d8:75:
         ed:c4:20:71:61:ba:35:28:35:af:ea:e3:26:14:1d:27:d7:1f:
         b3:05:db:4e:3a:31:28:89:86:a1:45:8a:b5:e8:07:1d:5f:e7:
         5b:d3:54:4b
-----BEGIN CERTIFICATE-----
MIIFxjCCBK6gAwIBAgISAY0wshAn+9KHqJ7HkUlKYWf5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwMTIyMTAyMzEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NGY0NjE4MzdhZmE1YmE5YjE2MjU5ZWI2ZGM2OTBiNWRkNDcxYmZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnS02tpr0qVDwlIgdINE0/CzzklB0
5RfOMWr2cREV0hZe3T7eMOFRI2yegzn2NFNy7evjEGn/HPUM/rGXY7MiXi8wXrEA
s4BsKrTwZogrXOieVQ1j1BRKfTH3O97gAOPECQy2VamqHQxulgzgj9ZfQYsUv8NO
VIXQVYFV5uy1r9+PN+JcKk/r3EJzJ0Ve18rsVS34qtWMG16FRnZD7RsHTaoSb1Gz
084HNGB6vFElkaQT+m2vrnjJ7gzRcawA98B7gNAFc4u0xX7PbmavAna43Z4zdgl6
NEz3ZpClccrNV+ruSCoyWGuHwmB4XBMic2VZsofuS0qJOXXWM+4O0uA0uQIDAQAB
o4IC0jCCAs4wHQYDVR0OBBYEFET0YYN6+lupsWJZ623GkLXdRxv9MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvUlBSaGczcjZXNm14WWxucmJjYVF0ZDFIR18wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHnBggrBgEFBQcBBwEB/wSB1zCB1DCB0QQCAAEwgcoDBACj
BR4DBACjBSQDBACjBU8DBACjBVMDBACjBVkDBACjBV8wDAMEAaMFbgMEAaMFcAME
AKMFeQMEAKMFfgMEAKMFgAMEAKMFhgMEAKMFiwMEAKMFjwMEAKMFkgMEAKMFlAME
AaMFlgMEAKMFoAMEAKMFpwMEAKMFsgMEAKMFtgMEAaMFvAMEAKMFvwMEAKMFyTAM
AwQAowXLAwQBowXMAwQAowXaAwQAowXgAwQAowXkAwQAowXoAwQAowXxAwQAowX6
AwQAowX9MA0GCSqGSIb3DQEBCwUAA4IBAQAgNmghTsouVEuFBHTLUvqxI5RDFdsP
CHvrl7iQ98XfnS8CxAEV/jDfRfvW9+zpaE1UHYq7k7zy6XHwgbzLU8Oehln7qBMs
KpC/VeIAGA5QHDqbvJpwm6R5AH9Wl9DSQxYTEThSw3TEy67pYCahVaAt+QPlnnPD
cV6BH2P9B2MpzSLkFOnIgxoYFs2LCmrPDQ+aXH/i6ORVoKHcE3AM/Zt4wQZFewVo
7FioT/BbdgkIHP4pfvrScj0ALrq9h28kGE1P5TU8CytKUVlcX8kL/lxYGF+tVG70
2HXtxCBxYbo1KDWv6uMmFB0n1x+zBdtOOjEoiYahRYq16AcdX+db01RL
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:31 2024 by rpki-client on console-ams.rpki-client.org